Overview

overview

7

Static

static

3

81c16698aa...18.exe

windows7-x64

7

81c16698aa...18.exe

windows10-2004-x64

7

$PLUGINSDIR/Info.dll

windows7-x64

3

$PLUGINSDIR/Info.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_21_.exe

windows7-x64

1

$_21_.exe

windows10-2004-x64

1

background.js

windows7-x64

3

background.js

windows10-2004-x64

3

red.html

windows7-x64

1

red.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    81c16698aad62bb18d9d4d4342c8a93a_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240529-ys6yzaha37

  • MD5

    81c16698aad62bb18d9d4d4342c8a93a

  • SHA1

    c360d8efcf371c86b367d564e3071f151ac7308d

  • SHA256

    21788eb040531132a70e80b3f6bf0f141fce91e003a466255142819a882d298d

  • SHA512

    ae0514135b8dd96e67f7aa701fc57dfb234e24feeca41935d6878752ee1843e0cfa9a6b63a5d77b638869b1770c3a620d45f6246ca20bcfabf79a77a15a42917

  • SSDEEP

    49152:rwEOI5bcMkfmmJeq/4MWiCUFj/F/IPQcNkEVI31U4YERu4:ROIJcMavL/2UFTFgIyI31U4YEJ

Score
7/10
execution

Malware Config

Targets

    • Target

      81c16698aad62bb18d9d4d4342c8a93a_JaffaCakes118

    • Size

      1.9MB

    • MD5

      81c16698aad62bb18d9d4d4342c8a93a

    • SHA1

      c360d8efcf371c86b367d564e3071f151ac7308d

    • SHA256

      21788eb040531132a70e80b3f6bf0f141fce91e003a466255142819a882d298d

    • SHA512

      ae0514135b8dd96e67f7aa701fc57dfb234e24feeca41935d6878752ee1843e0cfa9a6b63a5d77b638869b1770c3a620d45f6246ca20bcfabf79a77a15a42917

    • SSDEEP

      49152:rwEOI5bcMkfmmJeq/4MWiCUFj/F/IPQcNkEVI31U4YERu4:ROIJcMavL/2UFTFgIyI31U4YEJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/Info.dll

    • Size

      684KB

    • MD5

      3aacd798bbeb527dc546b6d6fdff7fef

    • SHA1

      8ef0976dfb3eee1e9fdf7aad81170e195b2eb822

    • SHA256

      13e7666c84824d5dea12e65239ed21b16c933764ce8f5fe66c39a7b26488a6dc

    • SHA512

      e91a4d5b7bed8797e393c75f6f2d02e05fe39faf286353106082e9bfb0dade592eaec3f322662faff04b343f2490b1cc0b006bc6711a5448c42578732d9ec85f

    • SSDEEP

      12288:+xqrGlLpSOg1ZLYssSxwm6/jx7cg4D95l1ALuLYVppSCNtWueY4H4o9:+xq6lLp4wLjNcg4D3ki6ppSCDWuyH4o9

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      14KB

    • MD5

      21010df9bc37daffcc0b5ae190381d85

    • SHA1

      a8ba022aafc1233894db29e40e569dfc8b280eb9

    • SHA256

      0ebd62de633fa108cf18139be6778fa560680f9f8a755e41c6ab544ab8db5c16

    • SHA512

      95d3dbba6eac144260d5fcc7fcd5fb3afcb59ae62bd2eafc5a1d2190e9b44f8e125290d62fef82ad8799d0072997c57b2fa8a643aba554d0a82bbd3f8eb1403e

    • SSDEEP

      192:OFb8Y8oqy2mqZc9hGBQHRx39oRxmMvURkB/Fs:qb8Y8nKqohGBKxox9vURw/a

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral7behavioral8

    • Target

      $_21_

    • Size

      1.5MB

    • MD5

      3a1d89b89c9d62951957f0839578dd9b

    • SHA1

      c2cdf8f5cf8f8e7082898326b1937499defa5c63

    • SHA256

      c58b55d41a7263335dccea79bb2b095761caafebfc689957740a96147b86000e

    • SHA512

      504d0bb0c64a33bc5fc38ac7907f6a2797e53935e28e9554906efb4ba42348a5bd2cb2947c336ca6e25584e7279500fe2ffc007ffec20ee1c57bf09b597ae308

    • SSDEEP

      24576:o+xHfELX8AJvAnkpNEZBnbbtCRq4lxJYDZHWLEapSMqTaZG8AT8x/x5HWYzw:X28wAT3sRF1i0EapSMqT4VRWL

    Score
    1/10
    behavioral10behavioral9

    • Target

      background.js

    • Size

      28KB

    • MD5

      a0ca388eeda514407d887a04b9c7cd02

    • SHA1

      43eed7f48f89ae0d8692a8343a64393a784a95ea

    • SHA256

      f39b34be149b91d5608eb7321a3842d589347b9c911dada64f21e5cfd81c4563

    • SHA512

      f0b92bcc0156ebc6c545d57471b36558fdebeb44cef76ed1b0eb8e57cf4bc47da8393a8964e25818cd66a038c650d8f7a48a2e73cfe14cbac20f9c0d45fb4d8b

    • SSDEEP

      384:23PDonwBZ3PoJwuKNIM1g1B43B4X3O7qPy67Vvp1gP:2rgwIM1g16c3OOPy6BLgP

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      red.html

    • Size

      89B

    • MD5

      e5f05b94cfb528112e8725d052fabd38

    • SHA1

      046268df7f4488126caf5abc6838025fd6cdca68

    • SHA256

      7f45d0e40b3cb5a982581d86996954ada3300cee7391fde211684f1a3915cc6b

    • SHA512

      a844ef8a2e39705a99178e80904a1751da8ce02a0510a3b60ddef83088ee43bc1cafd1c9ccc1845c8c99c91f0b45b43048e563a7f0653d28516b8b28db20adfb

    Score
    1/10
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks